Skip to Main Content


  1. Governor

Privacy and Security Work Group Minutes - February 17 2011 

February 17, 2011

Attendees (phone and in-person):

  • Ira Thompson, Infinite Systems Support
  • Dr. Arnold Widen, Office of the Attorney General
  • John Burge, BMC Group
  • Marilyn Lamar, Liss & Lamar, P.C.
  • Steve Lawrence, Lincoln Land HIE (LLHIE)
  • Jay McCutcheon, Southern Illinois University
  • Crystal VanDeventer, LLHIE
  • Rick Wood, BMC Group

Office of Health Information Technology (OHIT)

  • Mark Chudzinski
  • Krysta Heaney

Mark Chudzinski opened the meeting at 2 p.m., hosted by OHIT. The minutes from January 17, 2011, were approved.

Federal & State Update: Mark Chudzinski shared with the group five state updates.

1. ILHIE Authority. Governor Quinn appointed eight of the nine board members of the ILHIE Authority last week, and they were submitted to the Illinois Senate for confirmation yesterday, February 16, 2011; an Executive Director has not yet been appointed. It is anticipated that the new Authority will have its inaugural meeting by the end of April. The eight appointees of the Authority are:

  1. Bechara Choucair, MD, Commissioner of the Chicago Department of Public Health, Chicago
  2. David Holland, Chief Information Officer, Southern Illinois Healthcare, Carbondale
  3. William Kobler, MD, Physician in private practice, Rockford
  4. Mark Neaman, MHA, Chief Executive Officer, NorthShore University Health System, Evanston
  5. Nancy Newby, PhD, CEO Washington County Hospital, Nashville
  6. Nicholas Panomitros, DDS, Dentist in private practice, Chicago
  7. R. Bruce Wellman, MD, Chief Executive Officer, Carle Physician Group, Champaign
  8. Cheryl Rucker-Whitaker, MD, Senior Program Officer, Chicago Community Trust, Chicago

Board member bios will be available on the OHIT Web site.

2. OHIT Chief Technology Officer (CTO). Patricia Cunningham has resigned. OHIT is actively seeking a replacement.

3. Direct Project RFP. As approved by the Office of the National Coordinator (ONC), the state's strategy to ensure providers have at least one option available to them to meet the exchange requirements of Meaningful Use in 2011 includes the implementation of the Direct Project. Recent Direct Project developments suggest there may be an increase in the availability and exchange capabilities available at the national level. On Tuesday, February 15, 2011, Surescripts announced the launch with American Academy of Family Physicians (AAFP) of "AAFP Physicians Direct," a nationwide service for clinical information exchange. OHIT will continue to monitor progress on the Direct Project.

4. Local HIE Updates. On January 27, 2011, the newly established "Statewide HIE Alliance Work Group" held its first meeting. The seven members of the Work Group are:

  1. Central Illinois Health Information Exchange (CIHIE) Peoria
  2. Southern Illinois Health Information Exchange (HIESI) Carbondale
  3. Illinois Critical Access Hospital Network (ICAHN) Exchange (ICHAN Exchange) Statewide
  4. Illinois Health Exchange Partners (IHEP) East St. Louis
  5. Lincoln Land Health Information Exchange (LLHIE) Springfield
  6. MetroChicago Health Information Exchange (MC-HIE) Chicago
  7. Northern Illinois Health Information Exchange (NIHIE) Rockford

Two or three HIEs plan to provide services during 2011.

5. Illinois Immunization Data Registry Act HB1338: HB1338 was introduced last week. A key component of this bill is the Opt-Out, instead of our current Opt-In, policy for the state immunizations registry, I-CARE.

General Updates: Mark Chudzinski outlined a strategy to address privacy and security, and foster patient trust in the HIE. The ILHIE Authority, through a foundational three-point "privacy program," would serve as the entity responsible for monitoring and enforcing privacy and security standards for the Illinois HIE. This privacy program would include the following:

  1. An ILHIE Chief Privacy Officer
  2. A monitoring and notification system
  3. Coordinated program enforcement through both the Illinois Attorney General's Office and the Illinois Office of the Inspector General

Mark Chudzinski asked for assistance in identifying estimated costs that may be associated with the development and implementation of this strategy, e.g., forensic audit staff, educational resources, a protected health information (PHI) hotline, investigations and notifications after a breach, etc. Marilyn Lamar offered to check if there were resources or information available through the Upper Mid-West Consortium in this regard.

Crystal VanDaventer provided an update on recent activities occurring at LLHIE and IHEP. Both local HIEs have finalized their vendor selection, and are making progress on determining their corporate governance structures.

Ira Thomson provided an update on recent Audit Group activities. The Audit group continues to review the audit and security procedures pursued by other states. As an example, Ira Thompson provided an assessment of Kentucky's privacy and security policies.

Next Steps: The next meeting of the Privacy & Security Work Group was tentatively scheduled for March 17, 2011, at 2 p.m.

Meeting adjourned at 3 p.m.